EUVD-2022-32797

Malicious code in bioql PyPI...

CVE-2022-28345

The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...

CVE-2022-28345

The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...

Crlf injection

The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...

CVE-2022-28345

The CVE-2022-28345 issue affects the Signal iOS app prior to version 5.34, where RTLO-injected, RTLO-encoded URLs beginning with an unbroken space (in the presence of a hash segment) can be rendered to resemble legitimate sites. An unauthenticated remote attacker could exploit this to spoof links...

Signal iOS Client 注入漏洞

Signal iOS Client is a free open source messaging application from Signal Open Source. It is used for simple private communication with friends. Signal for iOS had a security vulnerability prior to version 5.34 that stemmed from allowing URI spoofing via RTLO injection. It incorrectly rendered...